[PATCH] acpi: csrt: fix resource descriptor can go over boundary
Alex Hung
alex.hung at canonical.com
Wed Mar 2 10:13:22 UTC 2016
When calculating the rd_offset, SharedInfoLength is not added.
As a result, rd_offset is smaller than it should have been.
Signed-off-by: Alex Hung <alex.hung at canonical.com>
---
src/acpi/csrt/csrt.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/acpi/csrt/csrt.c b/src/acpi/csrt/csrt.c
index d1ef853..2a29826 100644
--- a/src/acpi/csrt/csrt.c
+++ b/src/acpi/csrt/csrt.c
@@ -122,7 +122,8 @@ static int csrt_test1(fwts_framework *fw)
/* Do we have enough space for a resource descriptor? */
if (rg_length > sizeof(fwts_acpi_table_csrt_resource_descriptor)) {
- size_t rd_offset = sizeof(fwts_acpi_table_csrt_resource_group);
+ size_t rd_offset = sizeof(fwts_acpi_table_csrt_resource_group) +
+ rg->shared_info_length;
int rd_count = 0;
fwts_acpi_table_csrt_resource_descriptor *rd =
(fwts_acpi_table_csrt_resource_descriptor *)
--
2.5.0
More information about the fwts-devel
mailing list